> I am looking for information on commercial off-the-shelf (COTS) encryption
> products that can be used to provide firewall-to-firewall encryption
> (node-to-node). The device would encrypt based on source/destination
> address and if possible by network service (port).
Network Systems is shipping a product called The Security Router, which
offers encryption using IDEA, DES, Tripple-DES, and a high speed proprietary
algorithm suitable for export.
In addition, it provides Digital Signatures via MD5, data compression via
IBM's ALDC compression algorithm, and Replay Prevention.
We use Diffie-Hellman for key exchange and RSA for key authentication.
Key lifetimes are user definable, can can be set to automatically change
every minute if you want (kind of ridiculous, but your choice).
It can encrypt based on any pattern in the network or transport header.
It is currently installed in 5 countries on 3 continents.
Check out our Web server (www.network.com) for more info on The Security
Router and the encryption capability, Data Provacy Facility (DPF).
- Ted
--------------------------------------------------------------------------
Ted Doty, Network Systems Corporation | phone: +1 301 596-2270
8965 Guilford Road, Suite 250 | fax: +1 410 381-3320
Columbia, MD, 21046 USA | voice mail: (800) 233-1485
--------------------------------------------------------------------------
The opinion expressed in this message is fictitious. Any resemblence to
real opinions, living or dead, is purely coincidental.
References:
|
|
